<?php
session_start();
if (!isset($_SESSION['captcha'])) {
    $_SESSION['captcha'] = rand(1000,9999);
}
if ($_POST) {
    if ($_POST['captcha'] != $_SESSION['captcha']) {
        $msg = '验证码错误';
    } elseif ($_POST['user'] === 'admin' && $_POST['pass'] === (file_exists('passwd.txt') ? trim(file_get_contents('passwd.txt')) : '123456')) {
        $_SESSION['admin'] = true;
        unset($_SESSION['captcha']);
        header('Location: dashboard.php');
        exit;
    } else {
        $msg = '用户名或密码错误';
    }
    $_SESSION['captcha'] = rand(1000,9999);
}
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width,initial-scale=1">
    <title>后台登录</title>
    <link href="https://cdn.bootcdn.net/ajax/libs/bootstrap/5.3.2/css/bootstrap.min.css" rel="stylesheet">
    <style>
    .captcha-img { font-size:2rem; letter-spacing:8px; font-weight:bold; color:#007aff; background:#f2f2f7; border-radius:8px; padding:2px 18px; user-select:none; }
    </style>
</head>
<body class="d-flex align-items-center justify-content-center" style="height:100vh;background:#f5f6fa;">
    <form method="post" class="p-4 bg-white rounded shadow" style="min-width:260px;max-width:320px;">
        <h4 class="mb-3 text-center">后台登录</h4>
        <?php if(isset($msg)) echo '<div class="alert alert-danger">'.$msg.'</div>'; ?>
        <input name="user" class="form-control mb-2" placeholder="用户名" required>
        <input name="pass" type="password" class="form-control mb-2" placeholder="密码" required>
        <div class="mb-2 d-flex align-items-center gap-2">
            <input name="captcha" class="form-control" placeholder="验证码" maxlength="4" required style="width:100px;">
            <span class="captcha-img" onclick="location.reload()" title="点击刷新验证码"><?=$_SESSION['captcha']?></span>
        </div>
        <button type="submit" class="btn btn-primary w-100">登录</button>
    </form>
</body>
</html> 